Invitation per email but restricted by privacy rules

Hello, so I’m building an web app that allows me to invite a user in my app.
The formular to invite requires the email at least, and it creates a data, with the type “Invitation_registration”, where my privacy rules are applied. The recipient user has to click on the email unique link (that contains the id of the invitation) and set his password to sign in the app.

However, since my privacy rules are applied, the user cannot get acces to the field “email”, therefore the sign in fails since it requires an email.

Can you guys help please ? Thanks !

Hey,
Thanks for replying, but doing as so would allow everyone else to see the list of emails right ? Which is what I’m trying to avoid, explaining the presence of my privacy rules.

Reminder, the user isn’t connected when he is invited, nor his account is created. It’s when the user sets his password that it allows the user to create his account (using the email from the invitation).
That’s the way I do, but maybe this isn’t the best practice ?

I kinda see your point, thanks for the proposition :grin:

I would avoid following the advice you have been provided above. Great job for thinking about user privacy. To get around this, you need to bypass the privacy rules. You can do this by creating a backend workflow that is exposed publicly, and calling that backend workflow from the frontend.

The backend workflow will return the email for a given invite ID. Thoug,h perhaps the easiest way of approaching invites is actually creating the User account at the point of invite. I know another approach (and maybe this is the one you’re using now) is to just create an invite, and then only create the user account when they accept the invite, but creating the user account earlier makes it a little bit easier as you can send them the email and temp password password, they can log in, and then can see the invite via privacy rules.

4 Likes

I fully agree with @georgecollier : exposing a public backend workflow to bypass Bubble’s privacy rules is indeed the cleanest way to surface the invite email to the frontend. To complement this approach in Bubble, you can:

  • Define two API Workflows in the Backend

    1. GetInviteEmail (public): takes an Invite ID and returns only the Email field.
    2. RegisterUserFromInvite (also public): takes Invite ID and Password (or generates a temporary one), creates the User, then updates the Invite (AlreadyUsed = yes, UsedAt = Current date/time).
  • Frontend Loading

    • When the signup page loads, your “Signup” group calls “API Connector → GetInviteEmail,” fills the email input, and disables it.
    • On “Signup” action, call “RegisterUserFromInvite” with the same Invite ID and the chosen password.
  • Extra Backend Validations

    • In GetInviteEmail, check that Invite’s AlreadyUsed is no and that ExpiresAt > Current date/time. If either check fails, return a 400 error.
    • In RegisterUserFromInvite, repeat those checks before creating the User and updating the Invite.
  • Automated Email Sending

    • When you originally create the Invite, trigger a backend workflow that uses your email plugin (SendGrid, Postmark, etc.) to send the signup link.
    • That link points to your signup page with ?invite_id=…, exposing only the ID.

Let us know if it worked out :slight_smile:

2 Likes

Hey @carlovsk.edits, @georgecollier,

Thanks a lot for the suggestions, both matches my needs. I have choosen to create the user when I invite him, and during his subscription to my app, he can log in using his own password he chooses.

Again thanks for the solutions, it helps a lot !

2 Likes